II. AMENDMENTS TO THE CLAIMS 

The following listing of claims replaces all prior versions, and listings, of claims in the 
application: 

1 . (Currently Amended) A system for providing security for an Internet server, comprising: 

a logical security system for processing login and password data received from a client 

device during a server session with the Internet server in order to authenticate a logged in user; 

a physical security system for processing Internet protocol (IP) address information of the 

client device at the Internet server in order to authenticate the client device for the duration of the 

server session; and 

a memory system for storing, at the Internet server, a list of each logged in user and a 
reference IP address collected during a login procedure, wherein the logical security system is 
configured to access the list to authenticate the logged in user, and wherein the physical security 
system is configured to separately access the list in order to authenticate the client device; 

wherein the physical security system includes a proxy server module for comparing only 
[[a]] an incomplete portion of an IP address obtained from a received message against only a like 
incomplete portion of the reference IP address for the logged in user. 

2-3. (Cancelled). 

4. (Currently Amended) The system of claim 1, wherein the physical security system terminates 
the session for the user if the incomplete portion of the IP address obtained from the received 
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message does not match the like incomplete portion of the reference IP address for the logged in 
user. 



5. (Currently Amended) The system of claim 4, wherein the physical security system deletes all 
instances of the logged in user from the stored list if the incomplete portion of the IP address 
obtained from the received message does not match the like incomplete portion of the reference 
IP address for the logged in user. 

6. (Cancelled). 

7. (Currently Amended) A method of authenticating a user accessing an Internet server, 
comprising: 

storing in a memory system, at the Internet server, a reference Internet protocol (IP) 
address and associated login data whenever a new server session is initiated on the Internet 
server from a client device; 

receiving a message from a requesting user at the Internet server; 

obtaining login data accompanying the message; 

obtaining an IP address from a message header in the message; 

determining if the login data of the requesting user is currently listed in the memory 
system as an existing session with the Internet server; and 

if the login data of the requesting user is currently listed, determining at the Internet 
server if the IP address from the received message matches the reference IP address associated 
with the login data of the requesting user, the determining of the IP address including examining 
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only [[a]] an incomplete portion of the IP address of the requesting user and determining if the 
incomplete p ortion matches only a like incomplete portion of the reference IP address. 

8. (Original) The method of claim 7, comprising the further step of initiating a login procedure if 
the login data of the requesting user is not currently listed in the memory system. 

9. (Currently Amended) The method of claim 7, comprising the further step of terminating all 
server sessions listed in the memory system having the login data of the requesting user if the 
incomplete portion of the IP address from the obtained message does not match the like 
incomplete portion of the reference IP address. 

10. (Cancelled). 

1 1 . (Currently Amended) A program product stored on a recordable medium for providing 
security for an Internet server, the program product comprising: 

a component for processing logical security information received from a client device 
during a server session in order to authenticate a logged in user; 

a component for processing Internet protocol (IP) address information of the client device 
in order to authenticate the client device during the server session by comparing the IP address of 
a received message against the list of IP addresses stored by the server; and 

a component for storing, at the Internet server, a list of each logged in user and a 
respective reference IP address collected during a login procedure, wherein the component for 
processing logical security information is configured to access the list to authenticate the logged 
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in user, and wherein the component for processing IP address information is configured to 
separately access the list to authenticate the client device; 

wherein the component for processing IP address information includes a proxy server 
module for comparing only [[a]] an incomplete portion of an IP address obtained from a received 
message against only a like incomplete portion of the reference IP address for the logged in user. 

12-13. (Cancelled). 

14. (Currently Amended) The program product of claim 1 1 , wherein the component for 
processing IP address information terminates the session for the user if the incomplete portion of 
the IP address obtained from the received message does not match the like incomplete portion of 
the reference IP address for the logged in user stored in the list. 

15. (Currently Amended) The program product of claim 14, wherein the component for 
processing IP address information deletes all instances of the logged in user from the stored list if 
the incomplete portion of the IP address obtained from the received message does not match the 
like incomplete portion of the respective reference IP address for the logged in user. 

16. (Cancelled). 

17. (Currently Amended) The system of claim 1, wherein the incomplete portion of the IP 
address includes the first characters of the IP address. 
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18. (Currently Amended) The method of claim 7, wherein the incomplete portion of the IP 
address includes the first characters of the IP address. 



19. (Currently Amended) The program product of claim 1 1, wherein the incomplete portion of 
the IP address includes the first characters of the IP address. 

20. (Currently Amended) The system of claim 1, wherein the IP address information is received 
from a proxy server capable of sending a plurality of IP addresses assigned to a plurality of client 
devices, and wherein the IP address includes [[a]] the incomplete portion which is constant for 
each of the plurality of IP addresses. 

21 . (Currently Amended) The method of claim 7, wherein the IP address information is received 
from a proxy server capable of sending a plurality of IP addresses assigned to a plurality of client 
devices, and wherein the IP address includes [[a]] the incomplete portion which is constant for 
each of the plurality of IP addresses. 

22. (Currently Amended) The program product of claim 1 1 , wherein the IP address information 
is received from a proxy server capable of sending a plurality of IP addresses assigned to a 
plurality of client devices, and wherein the IP address includes [[a]] the incomplete portion 
which is constant for each of the plurality of IP addresses. 
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